Received: by 2002:ab2:710b:0:b0:1ef:a325:1205 with SMTP id z11csp1858397lql;
        Wed, 13 Mar 2024 10:01:32 -0700 (PDT)
X-Forwarded-Encrypted: i=3; AJvYcCUWBlUfQ1B645PiH8NCyWnOSSYqlpvanCrmL5y4JdARSPK38FTEl9FKVXhFcNCmpRwjvWM/6xMNUPBxLP49m2EK7RcQZo9seZG2zLciSw==
X-Google-Smtp-Source: AGHT+IFKIFfQHiziMxsUJ6P9IVtrUEvSnhRQ9Wsmdt5ujRazX+MRXMxVw1PnDOpRr3KAhs2arUX6
X-Received: by 2002:a0c:c20f:0:b0:690:d6fc:13da with SMTP id l15-20020a0cc20f000000b00690d6fc13damr424208qvh.39.1710349291922;
        Wed, 13 Mar 2024 10:01:31 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1710349291; cv=pass;
        d=google.com; s=arc-20160816;
        b=l/F8FWviUKxxSkRHPIDxuBTKCsteBkxDXP2A83yLpayfq5MkCVEBEmc53qKK3JU4Ok
         6CEGUmlAkPDBqvkudlU3Dz/ZgWSM+/k7RZhNwGQtzWvsji5YrMM904KCVRnYrDyDtobx
         FD6dla103zCR4JzbwvGIRBRGoVXKhdlEAVnMEp0ppvXuwtStMec5renlCJzW58vmdy76
         sq7OK/gtHWn9fJjq2oTqgRm3qFAK0o4Tgvk3BE8D7TZk8y10IacLDnUWwJKgpxE9ums/
         SGn19171cc/R9omPXOiL6r/ftjl3U1irmYgoE1PPyfXbXsRLoo5JXBEFACCSCtOF1114
         wvdA==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:references:in-reply-to:message-id
         :date:subject:cc:to:from:dkim-signature;
        bh=X8YBYTx622AhpUleC0Q9H5/KXs8XDv83fiqrcze6C60=;
        fh=n57q/1wYIzfY3Pv6PQYkmVYioDP3jD2Q5sJ+1AQwV4k=;
        b=GAi+QDyiZ41sJ5igfyHLEob8XmwFlXfWASRi+cFWit1NZm5AGPd3KZMbMQxEsub+VX
         Qr2CHuECrUuIlpEtmJsm12ow+v94DyiKq8F6+sbXwqwxD2lChsdJX/1P7wi+jMC8kavk
         a+fdfeXCzUkhNnZ6JTBbVK3lbdm+4eQrLV1GQdABsS1ACHOPxdIwSjbCOo1Rt0nIG82A
         meD28GSe17irUP9k6wIEK9ML6Aa8U2lGBn7LZ9CRjTnLXkbNYei5wONqK4YlPKsZ7mqX
         ZLZP6/CZjfjU1IrxpA/Rhmx/zfr4DKWIBn7XgKfMcW9BgFrsxUyTkYah91ikKspbWhGK
         s9pA==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b="R5/4Z7WX";
       arc=pass (i=1 dkim=pass dkdomain=kernel.org);
       spf=pass (google.com: domain of linux-kernel+bounces-101859-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-101859-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel+bounces-101859-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1])
        by mx.google.com with ESMTPS id om30-20020a0562143d9e00b0068cb2240b10si9907679qvb.611.2024.03.13.10.01.31
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 13 Mar 2024 10:01:31 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-101859-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b="R5/4Z7WX";
       arc=pass (i=1 dkim=pass dkdomain=kernel.org);
       spf=pass (google.com: domain of linux-kernel+bounces-101859-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-101859-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by ny.mirrors.kernel.org (Postfix) with ESMTPS id A3A211C20BB1
	for <linux.lists.archive@gmail.com>; Wed, 13 Mar 2024 17:01:25 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id D4CD4762CD;
	Wed, 13 Mar 2024 16:38:17 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="R5/4Z7WX"
Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 003A876046;
	Wed, 13 Mar 2024 16:38:16 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1710347897; cv=none; b=WIw+YXLt4iwD5/8cz5Lub72eaLm6J5FmA+V+oUltaFsJ1LxfFCAEhGLg/nZv/ZBu+nMEaB3NFxfkEgYET6VgqVe1J1ySbepo2araFaPLMsk+3CRIOv+Icf28rhbDKpIwzWICbp35tLxmIdddDzUH/BDaqe8Vzbxf3obRmC+OkXY=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1710347897; c=relaxed/simple;
	bh=jF/IvEEKsyPeFj7S+JTy2wNR+BHVPZyVTF4Bd9/eYCc=;
	h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version; b=ETcNJaarEFhM7l0x1SYQSx/35yFr2w88ZsePPdSqmcdE66N2tLYg6DPd6Ac4dJu71DhggZG1dxlyYPOEhAYxgdlKq8BterHaXzS/rsq4CGkm+50SgzfFd+d93qjunyldWUWkmsT/PPJt1G9G8wSg87u5ZFg+yNB5TmASJ6glzqM=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=R5/4Z7WX; arc=none smtp.client-ip=10.30.226.201
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2442AC43394;
	Wed, 13 Mar 2024 16:38:16 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1710347896;
	bh=jF/IvEEKsyPeFj7S+JTy2wNR+BHVPZyVTF4Bd9/eYCc=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=R5/4Z7WX8RZ0WjKf8iuYlmGSHIZFJ5qcSGgknIySe3QpKUiFlM63pXcH7WqQP10lk
	 gLg2lZH2wRrRhtesKbwN7RDpm6pALIuBRWKf7aPEb/8QSiTzH5MEetG2X2dEr/Yv1Y
	 eB6X+NjhE9zMDP0C50oBJAPRV13/e+kv5Tp1omX+xT7/wxvEfb82JTf57spqFqp/iG
	 aWGrzutxUfO5VUdhkaN13jwye5qhF7Ll+ISgUligJdkwFRTYg+0jbTlTLLg80c2SZy
	 bBwVb85sQ5DcvCqC7dmilEwAojg7JdLuBrwjnBFyTv3hb3bWPLITitFakmZ0GqMBfP
	 SwDvYB7K27+6w==
From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org,
	stable@vger.kernel.org
Cc: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Subject: [PATCH 6.6 56/60] x86/mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set
Date: Wed, 13 Mar 2024 12:37:03 -0400
Message-ID: <20240313163707.615000-57-sashal@kernel.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20240313163707.615000-1-sashal@kernel.org>
References: <20240313163707.615000-1-sashal@kernel.org>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-KernelTest-Patch: http://kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.22-rc1.gz
X-KernelTest-Tree: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git
X-KernelTest-Branch: linux-6.6.y
X-KernelTest-Patches: git://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git
X-KernelTest-Version: 6.6.22-rc1
X-KernelTest-Deadline: 2024-03-15T16:36+00:00
X-stable: review
X-Patchwork-Hint: Ignore
Content-Transfer-Encoding: 8bit

From: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>

commit e95df4ec0c0c9791941f112db699fae794b9862a upstream.

Currently MMIO Stale Data mitigation for CPUs not affected by MDS/TAA is
to only deploy VERW at VMentry by enabling mmio_stale_data_clear static
branch. No mitigation is needed for kernel->user transitions. If such
CPUs are also affected by RFDS, its mitigation may set
X86_FEATURE_CLEAR_CPU_BUF to deploy VERW at kernel->user and VMentry.
This could result in duplicate VERW at VMentry.

Fix this by disabling mmio_stale_data_clear static branch when
X86_FEATURE_CLEAR_CPU_BUF is enabled.

Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Dave Hansen <dave.hansen@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 arch/x86/kernel/cpu/bugs.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 17eb4d76e3a53..19256accc0784 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -422,6 +422,13 @@ static void __init mmio_select_mitigation(void)
 	if (boot_cpu_has_bug(X86_BUG_MDS) || (boot_cpu_has_bug(X86_BUG_TAA) &&
 					      boot_cpu_has(X86_FEATURE_RTM)))
 		setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF);
+
+	/*
+	 * X86_FEATURE_CLEAR_CPU_BUF could be enabled by other VERW based
+	 * mitigations, disable KVM-only mitigation in that case.
+	 */
+	if (boot_cpu_has(X86_FEATURE_CLEAR_CPU_BUF))
+		static_branch_disable(&mmio_stale_data_clear);
 	else
 		static_branch_enable(&mmio_stale_data_clear);
 
@@ -498,8 +505,11 @@ static void __init md_clear_update_mitigation(void)
 		taa_mitigation = TAA_MITIGATION_VERW;
 		taa_select_mitigation();
 	}
-	if (mmio_mitigation == MMIO_MITIGATION_OFF &&
-	    boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA)) {
+	/*
+	 * MMIO_MITIGATION_OFF is not checked here so that mmio_stale_data_clear
+	 * gets updated correctly as per X86_FEATURE_CLEAR_CPU_BUF state.
+	 */
+	if (boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA)) {
 		mmio_mitigation = MMIO_MITIGATION_VERW;
 		mmio_select_mitigation();
 	}
-- 
2.43.0